From: Andrew Bartlett Date: Mon, 30 Aug 2010 03:28:19 +0000 (+1000) Subject: libcli/security Rename all privilege bitmaps constants X-Git-Url: http://git.samba.org/?p=abartlet%2Fsamba.git%2F.git;a=commitdiff_plain;h=99688e536174ffe990caefb1fb6bdd1082478c50 libcli/security Rename all privilege bitmaps constants The idea here to to make it very clear how they differ from the enumerated LUID values. Andrew Bartlett Signed-off-by: Andrew Tridgell --- diff --git a/libcli/security/privileges.c b/libcli/security/privileges.c index 309a5328311..1e22f542806 100644 --- a/libcli/security/privileges.c +++ b/libcli/security/privileges.c @@ -62,15 +62,15 @@ static const struct { const char *description; } privs[] = { - {SEC_PRIV_MACHINE_ACCOUNT, SE_MACHINE_ACCOUNT, "SeMachineAccountPrivilege", "Add machines to domain"}, - {SEC_PRIV_TAKE_OWNERSHIP, SE_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take ownership of files or other objects"}, - {SEC_PRIV_BACKUP, SE_BACKUP, "SeBackupPrivilege", "Back up files and directories"}, - {SEC_PRIV_RESTORE, SE_RESTORE, "SeRestorePrivilege", "Restore files and directories"}, - {SEC_PRIV_REMOTE_SHUTDOWN, SE_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Force shutdown from a remote system"}, + {SEC_PRIV_MACHINE_ACCOUNT, SEC_PRIV_MACHINE_ACCOUNT_BIT, "SeMachineAccountPrivilege", "Add machines to domain"}, + {SEC_PRIV_TAKE_OWNERSHIP, SEC_PRIV_TAKE_OWNERSHIP_BIT, "SeTakeOwnershipPrivilege", "Take ownership of files or other objects"}, + {SEC_PRIV_BACKUP, SEC_PRIV_BACKUP_BIT, "SeBackupPrivilege", "Back up files and directories"}, + {SEC_PRIV_RESTORE, SEC_PRIV_RESTORE_BIT, "SeRestorePrivilege", "Restore files and directories"}, + {SEC_PRIV_REMOTE_SHUTDOWN, SEC_PRIV_REMOTE_SHUTDOWN_BIT, "SeRemoteShutdownPrivilege", "Force shutdown from a remote system"}, - {SEC_PRIV_PRINT_OPERATOR, SE_PRINT_OPERATOR, "SePrintOperatorPrivilege", "Manage printers"}, - {SEC_PRIV_ADD_USERS, SE_ADD_USERS, "SeAddUsersPrivilege", "Add users and groups to the domain"}, - {SEC_PRIV_DISK_OPERATOR, SE_DISK_OPERATOR, "SeDiskOperatorPrivilege", "Manage disk shares"}, + {SEC_PRIV_PRINT_OPERATOR, SEC_PRIV_PRINT_OPERATOR_BIT, "SePrintOperatorPrivilege", "Manage printers"}, + {SEC_PRIV_ADD_USERS, SEC_PRIV_ADD_USERS_BIT, "SeAddUsersPrivilege", "Add users and groups to the domain"}, + {SEC_PRIV_DISK_OPERATOR, SEC_PRIV_DISK_OPERATOR_BIT, "SeDiskOperatorPrivilege", "Manage disk shares"}, /* The list from here on was not displayed in the code from * source3/ with the comment that usrmgr will display these @@ -82,102 +82,102 @@ static const struct { or full list (including many other privileges) is used */ {SEC_PRIV_SECURITY, - SE_SECURITY, + SEC_PRIV_SECURITY_BIT, "SeSecurityPrivilege", "System security"}, {SEC_PRIV_SYSTEMTIME, - SE_SYSTEMTIME, + SEC_PRIV_SYSTEMTIME_BIT, "SeSystemtimePrivilege", "Set the system clock"}, {SEC_PRIV_SHUTDOWN, - SE_SHUTDOWN, + SEC_PRIV_SHUTDOWN_BIT, "SeShutdownPrivilege", "Shutdown the system"}, {SEC_PRIV_DEBUG, - SE_DEBUG, + SEC_PRIV_DEBUG_BIT, "SeDebugPrivilege", "Debug processes"}, {SEC_PRIV_SYSTEM_ENVIRONMENT, - SE_SYSTEM_ENVIRONMENT, + SEC_PRIV_SYSTEM_ENVIRONMENT_BIT, "SeSystemEnvironmentPrivilege", "Modify system environment"}, {SEC_PRIV_SYSTEM_PROFILE, - SE_SYSTEM_PROFILE, + SEC_PRIV_SYSTEM_PROFILE_BIT, "SeSystemProfilePrivilege", "Profile the system"}, {SEC_PRIV_PROFILE_SINGLE_PROCESS, - SE_PROFILE_SINGLE_PROCESS, + SEC_PRIV_PROFILE_SINGLE_PROCESS_BIT, "SeProfileSingleProcessPrivilege", "Profile one process"}, {SEC_PRIV_INCREASE_BASE_PRIORITY, - SE_INCREASE_BASE_PRIORITY, + SEC_PRIV_INCREASE_BASE_PRIORITY_BIT, "SeIncreaseBasePriorityPrivilege", "Increase base priority"}, {SEC_PRIV_LOAD_DRIVER, - SE_LOAD_DRIVER, + SEC_PRIV_LOAD_DRIVER_BIT, "SeLoadDriverPrivilege", "Load drivers"}, {SEC_PRIV_CREATE_PAGEFILE, - SE_CREATE_PAGEFILE, + SEC_PRIV_CREATE_PAGEFILE_BIT, "SeCreatePagefilePrivilege", "Create page files"}, {SEC_PRIV_INCREASE_QUOTA, - SE_INCREASE_QUOTA, + SEC_PRIV_INCREASE_QUOTA_BIT, "SeIncreaseQuotaPrivilege", "Increase quota"}, {SEC_PRIV_CHANGE_NOTIFY, - SE_CHANGE_NOTIFY, + SEC_PRIV_CHANGE_NOTIFY_BIT, "SeChangeNotifyPrivilege", "Register for change notify"}, {SEC_PRIV_UNDOCK, - SE_UNDOCK, + SEC_PRIV_UNDOCK_BIT, "SeUndockPrivilege", "Undock devices"}, {SEC_PRIV_MANAGE_VOLUME, - SE_MANAGE_VOLUME, + SEC_PRIV_MANAGE_VOLUME_BIT, "SeManageVolumePrivilege", "Manage system volumes"}, {SEC_PRIV_IMPERSONATE, - SE_IMPERSONATE, + SEC_PRIV_IMPERSONATE_BIT, "SeImpersonatePrivilege", "Impersonate users"}, {SEC_PRIV_CREATE_GLOBAL, - SE_CREATE_GLOBAL, + SEC_PRIV_CREATE_GLOBAL_BIT, "SeCreateGlobalPrivilege", "Create global"}, {SEC_PRIV_ENABLE_DELEGATION, - SE_ENABLE_DELEGATION, + SEC_PRIV_ENABLE_DELEGATION_BIT, "SeEnableDelegationPrivilege", "Enable Delegation"}, {SEC_PRIV_INTERACTIVE_LOGON, - SE_INTERACTIVE_LOGON, + SEC_PRIV_INTERACTIVE_LOGON_BIT, "SeInteractiveLogonRight", "Interactive logon"}, {SEC_PRIV_NETWORK_LOGON, - SE_NETWORK_LOGON, + SEC_PRIV_NETWORK_LOGON_BIT, "SeNetworkLogonRight", "Network logon"}, {SEC_PRIV_REMOTE_INTERACTIVE_LOGON, - SE_REMOTE_INTERACTIVE_LOGON, + SEC_PRIV_REMOTE_INTERACTIVE_LOGON_BIT, "SeRemoteInteractiveLogonRight", "Remote Interactive logon"} }; diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl index 38ff4ad4af0..4f5245b2e4f 100644 --- a/librpc/idl/security.idl +++ b/librpc/idl/security.idl @@ -403,42 +403,42 @@ interface security * as a bitmap (privilages.ldb uses the string forms). */ typedef [bitmap64bit] bitmap { - SE_NETWORK_LOGON = 0x00000001, - SE_INTERACTIVE_LOGON = 0x00000002, - SE_BATCH_LOGON = 0x00000004, - SE_SERVICE_LOGON = 0x00000008, - SE_MACHINE_ACCOUNT = 0x00000010, + SEC_PRIV_NETWORK_LOGON_BIT = 0x00000001, + SEC_PRIV_INTERACTIVE_LOGON_BIT = 0x00000002, + SEC_PRIV_BATCH_LOGON_BIT = 0x00000004, + SEC_PRIV_SERVICE_LOGON_BIT = 0x00000008, + SEC_PRIV_MACHINE_ACCOUNT_BIT = 0x00000010, /* Samba-specific privs */ - SE_PRINT_OPERATOR = 0x00000020, - SE_ADD_USERS = 0x00000040, - SE_DISK_OPERATOR = 0x00000080, - - SE_REMOTE_SHUTDOWN = 0x00000100, - SE_BACKUP = 0x00000200, - SE_RESTORE = 0x00000400, - SE_TAKE_OWNERSHIP = 0x00000800, + SEC_PRIV_PRINT_OPERATOR_BIT = 0x00000020, + SEC_PRIV_ADD_USERS_BIT = 0x00000040, + SEC_PRIV_DISK_OPERATOR_BIT = 0x00000080, + + SEC_PRIV_REMOTE_SHUTDOWN_BIT = 0x00000100, + SEC_PRIV_BACKUP_BIT = 0x00000200, + SEC_PRIV_RESTORE_BIT = 0x00000400, + SEC_PRIV_TAKE_OWNERSHIP_BIT = 0x00000800, /* End of privilages implemented before merge to common code */ - SE_INCREASE_QUOTA = 0x00001000, - SE_SECURITY = 0x00002000, - SE_LOAD_DRIVER = 0x00004000, - SE_SYSTEM_PROFILE = 0x00008000, - SE_SYSTEMTIME = 0x00010000, - SE_PROFILE_SINGLE_PROCESS = 0x00020000, - SE_INCREASE_BASE_PRIORITY = 0x00040000, - SE_CREATE_PAGEFILE = 0x00080000, - SE_SHUTDOWN = 0x00100000, - SE_DEBUG = 0x00200000, - SE_SYSTEM_ENVIRONMENT = 0x00400000, - SE_CHANGE_NOTIFY = 0x00800000, - SE_UNDOCK = 0x01000000, - SE_ENABLE_DELEGATION = 0x02000000, - SE_MANAGE_VOLUME = 0x04000000, - SE_IMPERSONATE = 0x08000000, - SE_CREATE_GLOBAL = 0x10000000, + SEC_PRIV_INCREASE_QUOTA_BIT = 0x00001000, + SEC_PRIV_SECURITY_BIT = 0x00002000, + SEC_PRIV_LOAD_DRIVER_BIT = 0x00004000, + SEC_PRIV_SYSTEM_PROFILE_BIT = 0x00008000, + SEC_PRIV_SYSTEMTIME_BIT = 0x00010000, + SEC_PRIV_PROFILE_SINGLE_PROCESS_BIT = 0x00020000, + SEC_PRIV_INCREASE_BASE_PRIORITY_BIT = 0x00040000, + SEC_PRIV_CREATE_PAGEFILE_BIT = 0x00080000, + SEC_PRIV_SHUTDOWN_BIT = 0x00100000, + SEC_PRIV_DEBUG_BIT = 0x00200000, + SEC_PRIV_SYSTEM_ENVIRONMENT_BIT = 0x00400000, + SEC_PRIV_CHANGE_NOTIFY_BIT = 0x00800000, + SEC_PRIV_UNDOCK_BIT = 0x01000000, + SEC_PRIV_ENABLE_DELEGATION_BIT = 0x02000000, + SEC_PRIV_MANAGE_VOLUME_BIT = 0x04000000, + SEC_PRIV_IMPERSONATE_BIT = 0x08000000, + SEC_PRIV_CREATE_GLOBAL_BIT = 0x10000000, /* Windows privs not in the list above */ - SE_REMOTE_INTERACTIVE_LOGON = 0x20000000 + SEC_PRIV_REMOTE_INTERACTIVE_LOGON_BIT = 0x20000000 } se_privilege; typedef [public,bitmap8bit] bitmap {